# 官方因安全考虑未允许本地文件读写这块，所以这种方式在本地调试没问题，但在华为云rf控制台操作时出错。
# 创建华为云的AK
# 创建IAM用户
resource "huaweicloud_identity_user" "iam_user" {
	# 账号密码设置动态生成
	name        = "wmacctest"
	password    = "${local.ecspassword}@23"
	description = "terraform test user"
}
# 创建AK
resource "huaweicloud_identity_access_key" "acc_key" {
	user_id = huaweicloud_identity_user.iam_user.id
}
# 查找名为admin的用户组
data "huaweicloud_identity_group" "user_group" {
	name = "admin"
}
# 将角色设置到组中
resource "huaweicloud_identity_group_membership" "membership" {
	group = data.huaweicloud_identity_group.user_group.id
	users = [
		 huaweicloud_identity_user.iam_user.id
	]
}
# 将本地下载下来的 csv文件读取，读ak
locals{
	usercsv_file      = csvdecode(replace(file("./credentials-${huaweicloud_identity_access_key.acc_key.user_name}.csv"), " ", "_"))
    access_key_id     = local.usercsv_file[0].Access_Key_ID
    secret_access_key = local.usercsv_file[0].Secret_Access_Key
}
